Azure · borisf94 · Dec 22, 2024 · Dec 22, 2024 · Dec 22, 2024
@@ -226,6 +226,20 @@ public void FilterRules_ValidConfiguration_NoExceptionThrown()
             TemplateAnalyzer.Create(false).FilterRules(new ConfigurationDefinition());
         }
 
+        [TestMethod]
+        public void Analyze_NoPowershellRules_NoExceptionThrown()
+        {
+            string[] resourceProperties = {
+                GenerateResource(
+                    @"{ ""azureActiveDirectory"": { ""tenantId"": ""tenantIdValue"" } }",
+                    "Microsoft.ServiceFabric/clusters", "resource1")
+            };
+
+            string template = GenerateTemplate(resourceProperties);
+
+            TemplateAnalyzer.Create(false, includePowerShellRules: false).AnalyzeTemplate(template, "aFilePath");
+        }
+
         [TestMethod]
         public void CustomRulesFileIsProvided_NoExceptionThrown()
         {

@@ -52,8 +52,9 @@ private TemplateAnalyzer(JsonRuleEngine jsonRuleEngine, PowerShellRuleEngine pow
         /// <param name="includeNonSecurityRules">Whether or not to run also non-security rules against the template.</param>
         /// <param name="logger">A logger to report errors and debug information</param>
         /// <param name="customJsonRulesPath">An optional custom rules json file path.</param>
+        /// <param name="includePowerShellRules">Whether or not to run also powershell rules against the template.</param>
         /// <returns>A new <see cref="TemplateAnalyzer"/> instance.</returns>
-        public static TemplateAnalyzer Create(bool includeNonSecurityRules, ILogger logger = null, FileInfo customJsonRulesPath = null)
+        public static TemplateAnalyzer Create(bool includeNonSecurityRules, ILogger logger = null, FileInfo customJsonRulesPath = null, bool includePowerShellRules = true)
         {
             string rules;
             try
@@ -72,7 +73,7 @@ public static TemplateAnalyzer Create(bool includeNonSecurityRules, ILogger logg
                         ? new BicepSourceLocationResolver(templateContext)
                         : new JsonSourceLocationResolver(templateContext),
                     logger),
-                new PowerShellRuleEngine(includeNonSecurityRules, logger),
+                includePowerShellRules ? new PowerShellRuleEngine(includeNonSecurityRules, logger) : null,
                 logger);
         }
 
@@ -158,7 +159,9 @@ private IEnumerable<IEvaluation> AnalyzeAllIncludedTemplates(string populatedTem
             try
             {
                 IEnumerable<IEvaluation> evaluations = this.jsonRuleEngine.AnalyzeTemplate(templateContext);
-                evaluations = evaluations.Concat(this.powerShellRuleEngine.AnalyzeTemplate(templateContext));
+
+                if(this.powerShellRuleEngine is not null)
+                    evaluations = evaluations.Concat(this.powerShellRuleEngine.AnalyzeTemplate(templateContext));
 
                 // Recursively handle nested templates 
                 var jsonTemplate = JObject.Parse(populatedTemplate);
@@ -187,7 +190,7 @@ private IEnumerable<IEvaluation> AnalyzeAllIncludedTemplates(string populatedTem
                             // Variables, parameters and functions inherited from parent template
                             string functionsKey = populatedNestedTemplate.InsensitiveToken("functions")?.Parent.Path ?? "functions";
                             string variablesKey = populatedNestedTemplate.InsensitiveToken("variables")?.Parent.Path ?? "variables";
-                            string parametersKey = populatedNestedTemplate.InsensitiveToken("parameters")?.Parent.Path ?? "parameters" ;
+                            string parametersKey = populatedNestedTemplate.InsensitiveToken("parameters")?.Parent.Path ?? "parameters";
 
                             populatedNestedTemplate[functionsKey] = jsonTemplate.InsensitiveToken("functions");
                             populatedNestedTemplate[variablesKey] = jsonTemplate.InsensitiveToken("variables");